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About This Guide 


The DirXML? Driver for Remedy ARS provides a solution for synchronizing data between 
Novell® eDirectory™ and ARS databases. 


This guide provides an overview of the driver's technology as well as configuration 
instructions. 


Additional Documentation 


For documentation on using Identity Manager and the other drivers, see the Identity Manager 
Documentation Web site (http: / /www.novell.com/documentation/dirxml20/index.html). 


Documentation Updates 


For the most recent version of this document, see the Identity Manager Documentation Web 
site (http: //www.novell.com/documentation/dirxmldrivers). 


Documentation Conventions 
In this documentation, a greater-than symbol (>) is used to separate actions within a step 
and items within a cross-reference path. 


A trademark symbol (®, ™, etc.) denotes a Novell trademark. An asterisk (*) denotes a third- 
party trademark. 


User Comments 


We want to hear your comments and suggestions about this guide and the other 


documentation included with Novell Nsure'^ Identity Manager. To contact us, send e-mail to 
proddocenovell.com. 


Introducing the DirXML Driver for Remedy ARS 


Overview 


The Remedy Action Request System (ARS) is a platform and development environment for 
automating Service Management business processes. 


Nsure Identity Manager Driver 1.0 for Remedy ARS provides data integration between 
Novell® eDirectory™ and Remedy ARS. 


The driver uses the Remedy Java* API to access Remedy objects and data. Preconfigured 
driver policies allow synchronization, creation, and management between eDirectory and 
Remedy ARS—for both users and groups. 


For example, the driver can request new-employee data from eDirectory and then send the 
information to Remedy ARS, where an account and password are created automatically. 


The driver can also synchronize other Remedy data to the directory. 


The Driver for Remedy ARS 
The driver consists of one file: ARSDriver.jar. 


The driver needs the ARS API library to operate correctly. The ARS API library consists 
of two parts, the Java portion and the native portion. These files can be found in the 
AR System installation directory. 


The Java files (arapi51.jar/arapi60.jar) must be copied to the /lib directory of the 
eDirectory server or the directory where the remote loader runs. 


The native files (arapi51.dll, arjni51.dll, arrpc51.dll, and arutl51.dll or arapi60.dll, 
arjni60.dll, arrpc60.dll, and arutl60.dll) must be copied to the remote loader 
directory or to the \Novell\nds directory. 


Database Concepts 
The driver acceses Remedy ARS objects through the Java Remedy API. 


On the Remedy system, the driver uses the DirXML Notifier filter setting for the 
Publisher Channel. By default, the filter publishes events from User and Group 
schemas. If you want to publish events from others schemas, you need to edit the 
database filter using the Remedy Administrator tool. 


Data Synchronization 


In the following scenarios, you can have one or more customer forms. 


Subscriber Channel 
Synchronization on 
the Subscriber Channel 


ARS Database 


( Subscriber )- = = 


The subscriber updates tables directly in the ARS Server. 


Publisher Channel 


When a customer table is updated, the publication filter inserts rows into the event 
log table. The publisher then reads the inserted rows and updates eDirectory. The 
publisher then deletes the processed rows in the event log table. 


Synchronization on 
the Publisher Channel 


ARS Database 


: 
x 


i 


Associations 


DirXML associations are built with the schema name and the Request ID of the entry 
for example, User/00000000001. 


Driver Prerequisites 


The driver for Remedy ARS requires the following: 


Novell® Nsure ^ Identity Manager 2 


Remedy ARS Server 5.0 or later 


Supported Platforms 


Windows* NT* 
Windows 2000 
Windows 2003 


Driver Limitations 


The driver currently supports only the Character, Date/Time, Integer, Drop-Down List and 
Radio Button fields. Referential attribute (Views, Tables, etc.) synchronization isn't 
supported. 

Password Synchronization is supported on Subscriber channel only. 

Move commands are not supported by this driver. 


Installing the Driver 


This chapter explains the following tasks: 


Planning the Installation 

Installing the Driver 

Importing the Driver Configuration 
Installing Database Objects 


Activating the Driver 


Planning the Installation 


Before you install and use the driver, you should determine which kind of installation 
you want to use: local or remote. 


When to Use a Local Installation 


A local installation installs the driver on the same host computer where you have the 
DirXML® engine (Identity Manager) installed. 


When to Use a Remote Installation 


A remote installation installs the driver on a different computer than the one where 
Identity Manager and eDirectory are installed. Remote installations can use SSL 
encryption to ensure data privacy between the driver and the DirXML engine. You 
should use this configuration when it is not possible or desirable to run the driver on 
the same host with eDirectory and Identity Manager. 


Note: If you select a remote installation, the Remote Loader must run on a Windows 
computer. 


Installing the Driver 


1. 


From the Remedy system, copy arapi51.jar (or arapi60.jar) to the NOVELL\NDS\LIB 


directory for a local installation. 


For a remote installation, this file should be copied to novell\remoteloader\lib. 


2. Run the Remedy Driver Installer.exe to begin the product installation. 


3. Select the product components you want to install: 


e Remedy Driver: Installs the Remedy driver. 


Novell eDirectory must be installed before you can install this option. 


* Remedy Driver for Connected System: Installs the Remedy ARS driver for Remote 
Loader. 


* Remedy Driver Policy: Installs the Remedy driver configuration. 


If Novell iManager is not present, the installer will prompt for an installation 
directory. 


Depending on your system configuration, you might need to run the installation program 
several times to install components on the various systems. 


4. (Optional) Restart eDirectory if prompted for a shutdown during the installation. 


5. Start iManager. 


Configuring the Driver 


As you import the driver configuration file, you will be prompted for the following 
information. 


Parameter Name Parameter Description 


Driver Name The actual name you want to use for the driver. 

Authentication ID The login name to be used on the ARS Server. 

Authentication Password The User password this driver uses for the ARS Server 
logon. 

Authentication Context The hostname or IP address for connecting to the 
appropriate ARS Server. 

Polling Interval How often the driver polls for unprocessed events in ARS 
Server. 


eDirectory Base Container |The name of the Organization object under which ARS 
objects will be created. 


Remote/Local Configure the driver for use with the Remote Loader 
service by selecting the Remote option, or select Local to 
configure the driver for local use. If Local is selected, you 
can skip the remaining parameters. 


Remote Hostname and Port |Specify the host Name or IP address and port number for 
the location where the Remote Loader service has been 
installed and is running for this driver. The default port is 
8090. 


Driver Password The driver object password is used by the Remote Loader 
to authenticate itself to the DirXML server. It must be the 
same password that is specified as the driver object 
password on the DirXML Remote Loader. 


Parameter Name Parameter Description 


Remote Password The Remote Loader password is used to control access to 
the Remote Loader instance. It must be the same password 
that is specified as the Remote Loader password on the 
DirXML Remote Loader. 


Importing the Driver Configuration 


The driver configuration (XML) file creates and configures the objects needed in order for 
the driver to work properly. It also includes sample rules and style sheets you can modify for 
your implementation. 


1. In iManager, select DirXML Management » Create Driver. 
2. Select a driver set. 


3. Select Import a Driver Configuration from the Server, then select the RemedyARS.xml 
file. 


The driver configuration file is installed on the Web server when you set up iManager. 


4. When prompted to enter a name for the driver, enter the driver's name and click Next to 
continue. 


5. (Optional) Click Define Security Equivalences. 


1. Click Add, then select an object with Admin rights (or any other rights that you 
want the driver to have). 


2. Click Apply, then click ok. 
6. (Optional) Click Exclude Administrative Roles to exclude objects from replication. 
1. Click Add, then select any users you want to exclude (such as the admin user). 
2. Click Apply, then click ok. 
7. Click Next to view the import summary, then verify that the configuration is correct. 
8. Click Finish with Overview. 


The necessary Identity Manager objects have now been created. If you didn't define security 
equivalences or exclude administrative users during the import, you can complete these 
tasks by modifying the driver object's properties. 


Installing Database Objects 


The following information explains how to install and configure database objects for 
synchronization with the default, driver configuration. 


1. Launch AR System User. 


2. Create a user with the name dirxml and a Fixed License Type, then make this User 
member of Admistrator Group. 


If you want a user with a name other than dirxml, you must use the Remedy 
Administration tool to modify the filter. From the Basic tab, change the name of the 
condition test in the DirXML Notifier (SUSERS!-'dirxmU) field. 


You will also need to click the If Action tab, and modify the 'User Name' field to include 
the new username. 


Launch AR System Administrator. 
Select the ARS server. 


Select Tools » Imports Definitions » From Definition File... 


ge E og 


Locate the DirXML Notifier.xml file in the novell\nds directory and import the filter. 


Activating the Driver 


Activation must be completed within 90 days of installation or the driver will not run. 


For activation information, refer to Activating Novell Identity Management Products. 


Configuring the Driver 


After you import the driver, you need to provide authentication information for the ARS 
Server. 


Configuring Driver Authentication 


1. In Novell iManager, click DirXML Management » Overview. 
2. Locate the driver set containing the driver, then click the driver's icon. 


3. Atthe DirXML Driver Overview, click the driver object, which will display the 
driver configurations. 


Refer to the individual driver implementation guides for more information about 
each driver's specific parameters. 


4. Enter driver authentication information: 


Parameter Name Sample Configuration Value Required Field 
Authentication ID dirxml Yes 
Authentication Context REMEDY Yes 
Application Password dirxml Yes 


Authentication ID 


Authentication ID is the name of the driver's ARS Server user/login account. This user 
must exist and be granted login/session privileges on the ARS Server or a connection 
cannot be established. In addition, this user must have rights to select, insert, 
update, and delete in the synchronization schema tables or synchronization will fail. 


Authentication Context 
Authentication Context is the ARS Server network name (or address). 
Example: REMEDY 


If you are not using the RPC port mapper service, you have to specify the listening 
port of the ARS Server. 


Example: REMEDY: 1234 


Application Password 


This is the password for the ARS Server user/login account that is used by the driver. 
You must create a user/login account on the ARS Server and grant login/session 
privileges to this account or the driver will be unable to connect. 


Setting Driver Parameters 


After you have set the driver authentication parameters, you should set the driver's 
parameters. 


Driver parameters are divided into three categories: 
* Driver 
* Subscriber 


e Publisher 
Configuring Driver Settings 


1. In iManager, click DirXML Management » Overview. 
2. Locate the driver set containing the driver, then click the driver's icon. 


3. At the DirXML Driver Overview, click the driver object, which will display the 
driver configurations. 


There is only one parameter for the driver. 

Configuring Publisher Settings 

* Polling Interval 

Polling interval is an optional, case-insensitive parameter that specifies how often, in 


seconds, the publisher should poll the event log table for events. The default value is 
600 seconds. 


Advanced Driver Configuration 


Schema Mapping 


The following table shows a high-level view of how the driver maps Novell? 


After installing a sample configuration, you will need to customize the driver for specialized 


use. This chapter contains important conceptual information, sample configurations, etc. to 
help you configure the driver. 


eDirectory™ objects to Database objects. 


Tree Schemas 

Class Table/Forms 

Attribute Field 

Association RequestID 
Default Mapping 


The default configuration allows synchronization of users and groups with their 


mandatory attributes. 


Attribute mapping for Group objects: 


eDirectory Name ARS Name 


CN Group Name 

Full Name Long Group Name 
Description Comments 

GID Group ID 
creatorsName Creator 


Group ID is a mandatory attribute in ARS, so you must add this attribute to the newly 


Groups created, or the add events will be filtered out. 


Attribute mapping for User objects: 


eDirectory Name ARS Name 


CN Login Name 
Group Membership Group List 
Internet Email Address Email Address 
creatorsName Creator 
Surname Full Name(*) 
Given Name Full Name(*) 


(*) not in the mapping rule 


User's ARS Full Name attribute is build from the eDirectory Given Name and Surname 
attributes. For example: 


In eDirectory: Given Name=Nicolas and Surname-McDonald 
In ARS: Full Name=Nicolas McDonald 


Of course, this works both ways. This is done by the Full Name builder policy on the 
Subscriber Channel, and by the Surname builder and Given Name builder policies on 
the Publisher Channel. 


On the Subscriber Channel, the Full Name attribute is parsed to find the Surname and 
Given Name. 


The Surname is built with whatever follows the first blank character (if anything.) 


The Given Name is build with what preceeds the first blank character (if anything.) 


Schema Mapping Extensions 


This driver is designed to allow shema mapping extension. 


New eDirectory objects can be synchronized with a new ARS Table. After the mapping 
rule is updated for the new objects and attributes, you have to update the DirXML 
Notifier Filter on the ARS Server. 


The DirXML Notifier Filter watches for events on a set of Table (by default, User and 
Group). Use the ARS Administration Tool to update the list of Forms. 


Event Mapping 
Add Events 


Add events are mapped to one CREATE statement in the ARS Server. 


Modify Events 


Modify events are mapped to one SET statement in the ARS Server. 


Delete Events 


Delete events are mapped to one DELETE statement in the ARS Server. 


Rename Events 


Rename events are mapped to one SET statement in the ARS Server. Rename events 
are transformed into Modify events by the 'RenameHandlers' policies. 


Move Events 


Move events are No Operations or NOOPs. They are always mapped to zero 
statements. 


The Event Log Table 


The event log table is where publication events are stored. This section discusses the 
structure and limitations of this table. 


This table is filled by the DirXML Notifier Filter. For each event, there are three pieces of 
data stored in the table. 


« Whom is the event for? 


This is used to filter events, because this table can be used for other purposes. The 
publisher retrieves only events for the dirxml user. All events filled by the DirXML 
Notifier Filter are for the dirxml user. 


e What caused the event? 
This describes the type of event. Possible values are CREATE, SET, MODIFY, and DELETE. 
e Which Entry was the event performed on? 


This information is provided by the table's Name and the Entry's RequestID fields. This is 
used by the publisher to retrive the entry's attributes to build the event for DirXML. 


The table is polled by the publisher, and each successfully sent event is deleted from the 
table. Because there is no way for the publisher to find which attributes have changed, it 
publishes the full entry definition for each event. 


Using Remote Loader 


Keep in mind the following items when setting up the Remote Loader: 


e The driver is a Java driver 
The class name is be.opns.dirxml.driver.ars.arsremedydrivershim. ARSDriverShim 


Follow the instructions in *Using the Remote Loader Service" in the Nsure Identity 
Manager Administration Guide 


(http: //www.novell.com/documentation/dirxml20/admin/data/ac6qgdi.html#ac6qgdi). 


Troubleshooting 
This chapter identifies common error messages and the possible causes. 


* No authentication information 


No login/password/server was supplied to the driver. Check the driver configuration in 
iManager. This is a fatal error, so the driver will shut down. 


« Unable to connect to ARS server 


The driver didn't successfully log in. Check the driver authentication configuration (login 
name, password, and context) and Remedy native library. 


* No SchemaDef was found for xxxx 


The driver tried to retrieve information for an unknown schema. Check that all classes in 
the Publisher and Subscriber Filter are mapped. This error should never occur except if a 
synchronized table was modified while the driver was running. Restart the driver to fix 
this. 


* Problem with native libraries 


The driver can’t access the Remedy libraries. Check that the Remedy library .dll files are 
in the system path (usually /winnt/system32). Refer to Chapter 3, “Installing the Driver.” 


- No events published 


Check that the DirXML Notifier is correctly installed on the ARS server. 


